On Thursday, Microsoft announced plans to make Windows more resilient to incidents caused by security firms, such as the global outage caused by CrowdStrike earlier this year that knocked millions of Windows computers offline for more than a day. At a security summit hosted by the company, the Windows maker said it would help these security vendors modify their solutions to work outside of kernel mode on Windows, providing a heightened level of system access along with more advanced functionality.
In a statement issued after its recently concluded Windows Endpoint Security Ecosystem Summit, Microsoft said it discussed building new platform capabilities into Windows that would allow security vendors to offer more features outside of the Windows kernel, which in turn would improve security in the operating system.
Existing security solutions for Windows involve the use of software that runs at the Windows kernel level, giving these applications a greater degree of access to the system compared to regular applications. They can also scan other applications that are loaded into memory to intercept security threats or modify system files if necessary.
While kernel-level access offers benefits for security vendors, a misconfigured software update can negatively impact systems, such as the one released by CrowdStrike in July that caused a massive service outage worldwide. To keep customer devices protected from such incidents, Microsoft would need to ensure that these security vendors operate outside of the Windows kernel.
At the Microsoft Security Summit, the company discussed security vendor requirements and key challenges to implementing a more secure Windows environment while enabling these companies to continue to deliver security features. These include potential performance issues and challenges outside of kernel mode, sensor requirements and tamper protection, according to the Windows maker.
“As a next step, Microsoft will continue to design and develop this new platform capability with input and collaboration from ecosystem partners to achieve the goal of improving reliability without sacrificing security,” Microsoft said Thursday.